Security tips for working from home
- By
- Harvey Brofman
The coronavirus pandemic and resulting shelter-in-place orders in many parts of the world have forced a large number of employees into unfamiliar territory—not just working remotely, but full-time working from home. Not every organization was prepared for this scenario, so it’s only natural that some may not have an adequate level of policies or best practices in place that others do.
Given this, it seems a good time to explore some tips when working outside the office. It’s good to be aware of and take appropriate precautions. Even if your company hasn’t been perfectly clear detailing well thought out policy, it’s time to start thinking about ways to guard against unauthorized access or inadvertent disclosure.
Make sure to get yourself up to speed with the guidelines that your organization has in place for remote work. Ask for directions if anything is unclear. Not everyone has the same level of tech-savvy – the only stupid question is one that isn’t asked.
Physical security
Make sure your work devices are physically safe, and that you take steps to avoid offering unauthorized views of confidential information.
When stepping away from your computer, make sure it’s either shut down or locked. Don’t tempt others leaving your work open. If it’s good practice around the office, it is imperative when working from home.
Your company may already have considered/implemented Encryption. This also helps protect information on stolen or compromised computers. If you’re not sure, ask your IT department whether you have it and if they think it’s necessary.
System access
If you think criminals (cyber or otherwise) will be sensitive to global events and refrain from taking advantage of, and attacking remote workers, you would be wrong.
Maybe your company’s IT department does such a great job protecting your network and servers, employees gave little thought to restricting access to servers with sensitive data. Perhaps with everything upended, you’ve been forced to work remotely from a personal computer or laptop—one you never gave a second thought to securing before coronavirus changed the world around us.
- Access to your computer’s desktop should at least be password protected.
- The password should be a strong one. If the system is stolen, this will keep the thief from easily accessing company information. Consider Password Security Doesn’t Have to be Hard, See These 15 Best Practices
If office network permissions previously gave you unfettered access to work software, now you may be required to enter a variety of passwords to gain access. If your company doesn’t already offer a single sign-on service, consider using a password manager. It will be much more secure than a written list of passwords left on your desk. Here at Point of Care, we like 1Password, many of us have been using it for years. And it does more than just manage passwords. Consider 8 reasons to use 1Password that don’t involve storing passwords.
If you’re connecting your work computer to your home network, make sure you don’t make it visible to other computers in the network. Also, make sure the option to share files is off.
Keep Things Separate
It’s important to carve out boundaries between work life and home life while working from home, true too, for devices.
While it may seem cumbersome to constantly switch back and forth between home and work device, do your best to at least keep your main work computer and your main home computer separate (if you have more than one such device). If you can do the same for your mobile devices – even better. The more programs/apps you install, the more potential vulnerabilities you introduce.
Don’t pay your home bills on the same computer you compile work spreadsheets. You can not only create confusion for yourself, but also end up compromising your personal information when a cybercriminal was looking to breach your company.
In a post about maintaining security with remote workers, many staff members admit to moving files between work and personal computers while working from home. A further 13 percent admit to sending work emails via personal email addresses because they are unable to connect to an office network.
Don’t send work-related emails from your private email address and vice versa. Not only does it look unprofessional, but you are weaving a web that might be hard to untangle once we get back to the normal office routine.
Home Wi-Fi
Secure your home Wi-Fi with a strong password, in case a Virtual Private Network (VPN) isn’t an option or if it fails for some reason.
Access to the settings on your home router should be password protected as well. Be sure to change the default password it came with! Admin, Password is a major fail, 12345 is too (refer to the password security link above for additional info.
Cybersecurity best practices
Many security practices may not be all that different from those you are / should be practicing in the office, but they are easy to forget when you are working in your own home environment. A few of the most important:
Be wary of phishing emails. There will be many going around trying to capitalize on fear related to the coronavirus, questions about isolation and its psychological impacts, or even pretending to offer advice or health information. Be vigilant, read those emails with an eye of skepticism and do not open attachments unless they’re from a known, trusted source.
Your company may be sending you emails and missives about new workflows, processes, or reassurances. Watch out for those disguising themselves as someone from your company and pay close attention to the actual email address of senders.
Beware of exposure on social media. Try to maintain typical behavior and routine: Once again, watch out for scams and misinformation, as criminals love using this medium to ensnare their victims.
Stay safe, and while practicing necessary physical distancing, remember to keep in contact with others who may be socially at risk.
Additional Reading:
Security, Many Questions and Future Readiness
Protecting Your Business. Questions YOU Should Ask Your System Vendors Today – Part III
Tools For Your Business In The Work From Home Days Of Coronavirus
Why you don’t need 27 different passwords